Stealth Malware Steals and Imitates Social Behavior

Below:

Next story in Tech and gadgets

Most malware restricts itself to stealing credit card numbers,
tricking computers into sending spam and occasionally shutting
down an Iranian nuclear power plant. This state will not last. As
Internet traffic increasingly shifts to social networking sites,
a new class of malware will steal identities, co-opt personal
relationships and imitate people’s natural behaviors to avoid
detection.

Writing in the online research website ArXiv.org, computer
scientists from Ben Gurion University, in Beersheba, Israel,
predict how these attacks will use an individual’s own
personality to stealthily distribute information about their
social circle to spammers. Although
no malware of this variety has been discovered in the wild
yet, the value of social network data makes its eventual
appearance all but inevitable, the authors write.

these new kinds of attacks, which are much more dangerous,
steal not your credit cards and passwords, which are things
that you can change, but steal your reality, information about
your friends, and about your habits, which is much more
valuable,” said Yaniv Altschuler, first author on the ArXiv
paper. “Because this is so valuable, these are probably the kinds
of attacks under development right now.”

Unlike most malware, which replicates rapidly in the hope of
outpacing the eventual security response, this kind of
malware would use stealth, rather than speed, to inflict
damage.

First, the malware would collect information on your social
circle. It would do this both in the cyber sense, by infiltrating
social networking sites, and in the physical realm, by taking
advantage of mobile devices’ ability to sense and communicate
with other nearby mobile devices, Altshuler told TechNewsDaily.

Then, after recording the frequency and recipients of one’s
social networking messages, the malware would send out spam
advertising in a pattern that resembles natural traffic.
Coming from a trusted friend in a routine quantity, these ads
would be more likely to trick people than random spam, Altschuler
said.

Plus, since most antivirus protocols in social
networking sites look for aberrant behavior, the malware
wouldn’t raise alarms as it imitated the regular behavior of
unsuspecting users.

“Any time they can look like more normal traffic, it will give
them an advantage,” said Danny Quist, a computer security expert
and founder of Offensive Computing, LLC. “Right now, it’s fairly
unsophisticated. There’s been some private investigations where
I’ve seen some similar things happening, and it’s horribly
complex. It’s trying to emulate a lot of this behavior so as to
not get caught.”

The stealth nature of this malware species may explain why no one
has found any yet, Altschuler said. But if the ArXiv paper is
correct, the absence of discovery may simply result from security
officials looking in the wrong place.